Let's specify some keywords fists.
FTPUSER = you with your ftp client
WWWDAEMON = program (servers) that's responsible for processing your web pages and scripts
WWWUSER = user as which the WWWDAEMON processes your pages
BROWSER = Someone looking at your website with a browser
FILES = files that reside in your www/ftp site
yourgroup = group that your FTPUSER belongs to and WWWUSER does not
You access your FILES as FTPUSER with a ftp program
-rwxr-xr-x 2 FTPUSER yourgroup 72 2012-01-18 13:56 somescript.php
Now.. becasue WWWDAEMON user WWWUSER is not you (FTPUSER) it respects OTHER permissions when it tries to read
your script. (There are hosting site's that run your scripts as your FTPUSER).
Removing the other read and exec permission will block use of somescript.php
# this scipt is unusable trough a browser
-rwxr-x--- 2 FTPUSER yourgroup 72 2012-01-18 13:56 somescript.php
Creating a directory with world writeable permissions will allow your script to write there, but unless you protect that directory somehow (like with .htaccess or put it outside your www dir) it might also mean that the BROWSER can access those files directly, because:
BROWSER contacts WWWDAEMON which runs as WWWUSER so
BROWSER can see everything processed by WWWDAEMON that the WWWUSER can.
Processed also means that WWWDAEMON also respects .htaccess or similar to block access.
The advice is to create say phpwritedir
and give it a+rwx rights. Add .htaccess
file there (if your hosting service allows it)
deny from all
Whit this your script run as WWWUSER can still use that directory, but WWWDAEMON will block any BROWSER access to it.
Most webservers can be run as reverse proxies, suitable for doing this. If you do everything right, you'll end up with something like the below (minus the "remote" part - since this will all be on one machine):
- Navigator is your machine
- Reverse Proxy is nginx running on your machine (
127.0.0.1:80
)
- Remote Server is the web site running on your machine (
127.0.0.1:59873
)
You can use a lightweight webserver like nginx (even runs on Windows), configure it to reverse proxy test.com
to 127.0.0.1:59873
and then add the following entry to your HOSTS
file:
127.0.0.1 test.com
Best Answer
I have success when I try
Or with PHP: